[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fVE1mNoKmuPBkMeg9VGclpIYM_LRZF4wbjYVS89VrE4A":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":127,"fingerprints":180},"resilience-compliance-manager","Resilience Compliance Manager","1.2.12","bean1352","https:\u002F\u002Fprofiles.wordpress.org\u002Fbean1352\u002F","\u003Cp>If you sell a WordPress plugin or theme to anyone in the EU, the EU Cyber Resilience Act (Regulation 2024\u002F2847) applies to you. It does not matter where you are based or whether your product is free. Agencies distributing custom plugins or themes to EU clients are also in scope.\u003C\u002Fp>\n\u003Cp>From September 11, 2026, you need a documented vulnerability reporting process, the required security documents, and a way to monitor your products for known vulnerabilities. ResilienceWP is built for WordPress developers — plugin developers, theme developers, and agencies — to cover all of that in one place.\u003C\u002Fp>\n\u003Cp>Non-compliance carries fines up to EUR 15 million or 2.5% of global annual turnover. Authorities can also force non-compliant products off the EU market.\u003C\u002Fp>\n\u003Cp>The free plan covers the paperwork side of compliance: checklist, five document templates, and the CRA education guide. Paid plans add automated vulnerability scanning, email alerts, the Incident Center for ENISA notification management, and downloadable compliance reports, all directly inside your WordPress admin. Pro plans also include webhook integrations for CI\u002FCD pipelines and external tools — get real-time notifications when scans complete or vulnerabilities are found.\u003C\u002Fp>\n\u003Cp>For pricing, documentation, and more details visit \u003Ca href=\"https:\u002F\u002Fwww.resiliencewp.com\" rel=\"nofollow ugc\">resiliencewp.com\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Compliance Checklist (Free)\u003C\u002Fh4>\n\u003Cp>26 actionable items, each mapped to a specific CRA article. Five categories cover everything the regulation requires:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Risk Assessment: documenting threats, attack surfaces, and mitigations\u003C\u002Fli>\n\u003Cli>Secure Development: secure defaults, no known exploitable vulnerabilities at release\u003C\u002Fli>\n\u003Cli>Vulnerability Handling: disclosure policy, coordinated reporting, user notification\u003C\u002Fli>\n\u003Cli>Required Documentation: SBOM, Declaration of Conformity, technical file\u003C\u002Fli>\n\u003Cli>Post-Market Obligations: ongoing monitoring, security updates, end-of-life policy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Every item has a plain-English explanation of what it means and why it matters. Check items off as you complete them. Progress saves automatically.\u003C\u002Fp>\n\u003Ch4>Document Generator (Free)\u003C\u002Fh4>\n\u003Cp>Generate the five documents the CRA requires before you can legally place a product on the EU market:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Vulnerability Disclosure Policy (Article 13(6)): your public process for receiving and handling security reports from researchers\u003C\u002Fli>\n\u003Cli>Incident Response Plan: your internal procedure when a vulnerability is discovered or actively exploited\u003C\u002Fli>\n\u003Cli>EU Declaration of Conformity: the formal self-declaration that your product meets CRA essential requirements\u003C\u002Fli>\n\u003Cli>Software Bill of Materials (SBOM) (Article 13): a structured inventory of your plugin’s components, dependencies, and third-party libraries\u003C\u002Fli>\n\u003Cli>security.txt: the machine-readable contact file security researchers use to reach you, placed at \u002F.well-known\u002Fsecurity.txt\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Fill in your plugin name, contact details, and a few specifics. Download in text or markdown format. No starting from scratch, no lawyer needed for the first draft.\u003C\u002Fp>\n\u003Ch4>CRA Education Centre (Free)\u003C\u002Fh4>\n\u003Cp>An article-by-article breakdown of Regulation (EU) 2024\u002F2847, written for developers rather than legal teams. Understand what each obligation actually requires: what counts as “active exploitation,” what an SBOM needs to contain, what the 24-hour reporting window really means.\u003C\u002Fp>\n\u003Ch4>Vulnerability Scanner (Basic and Pro)\u003C\u002Fh4>\n\u003Cp>Connect your account to ResilienceWP and it monitors your plugins against the WPScan vulnerability database on a regular schedule. Weekly on Basic, daily on Pro.\u003C\u002Fp>\n\u003Cp>You can monitor any plugin by its WordPress.org slug, not just the plugins currently installed on your site. If your plugin depends on WooCommerce, ACF, or any other third-party plugin, you can add those slugs directly and track vulnerabilities in your dependencies. Plugins can also be added directly from your installed plugins list.\u003C\u002Fp>\n\u003Cp>The moment a new vulnerability is found, you get an email with the severity rating, CVE ID, affected version range, and fix version if one is available. Back in your WordPress admin, vulnerabilities are grouped by plugin and sorted by date discovered, so you can see at a glance which plugins have open issues and how old they are.\u003C\u002Fp>\n\u003Cp>Each vulnerability card shows:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Severity (Critical \u002F High \u002F Medium \u002F Low \u002F Info) with colour coding\u003C\u002Fli>\n\u003Cli>CVE identifier linked directly to the NVD entry\u003C\u002Fli>\n\u003Cli>The fix version (or “no fix available yet”)\u003C\u002Fli>\n\u003Cli>An action hint: whether to update, acknowledge, or open an incident\u003C\u002Fli>\n\u003Cli>A button to report the incident directly to the Incident Center\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Status tracking lets you mark vulnerabilities as Open, Acknowledged, In Progress, Resolved, or False Positive. Export the full vulnerability list as CSV for your compliance records.\u003C\u002Fp>\n\u003Ch4>Incident Center (Basic and Pro)\u003C\u002Fh4>\n\u003Cp>When a vulnerability in your plugin is being actively exploited, the CRA requires you to notify ENISA within 24 hours. The Incident Center tracks that deadline from the moment you log first awareness and guides you through the complete regulatory workflow.\u003C\u002Fp>\n\u003Cp>Creating a new incident logs the discovery timestamp and starts all three countdown timers simultaneously:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Early Warning: due within 24 hours of first awareness\u003C\u002Fli>\n\u003Cli>Vulnerability Notification: due within 72 hours, with full technical details\u003C\u002Fli>\n\u003Cli>Final Report: due within 14 days, including root cause and remediation steps\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>The case view shows:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Live countdown timers for each notification deadline, turning amber at 6 hours and red when overdue\u003C\u002Fli>\n\u003Cli>A completeness score on your incident report so you know exactly what information is still missing\u003C\u002Fli>\n\u003Cli>A “Where to Submit” section with direct links to ENISA’s reporting portal, the EU CSIRT network directory, and the CVE Programme at MITRE\u003C\u002Fli>\n\u003Cli>A full audit log recording every action taken, every field updated, and every notification submitted\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>On Pro, you can export the full incident case including all notifications and the complete audit log, formatted for submission to regulators or for your compliance archive.\u003C\u002Fp>\n\u003Ch4>Dashboard and Compliance Score\u003C\u002Fh4>\n\u003Cp>The dashboard gives you a live compliance score (0-100) with a transparent breakdown:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>-15 points per open critical vulnerability\u003C\u002Fli>\n\u003Cli>-7 points per open high vulnerability\u003C\u002Fli>\n\u003Cli>-3 points per open medium vulnerability\u003C\u002Fli>\n\u003Cli>-20 points per overdue incident (past the 24-hour ENISA deadline)\u003C\u002Fli>\n\u003Cli>-5 points per active open incident\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It is not a vanity metric. It is a working indicator of where you stand against your CRA obligations at any point in time, with the exact deductions shown so you know what to fix first.\u003C\u002Fp>\n\u003Ch4>Compliance Reports and SBOM Export (Basic and Pro)\u003C\u002Fh4>\n\u003Cp>Generate a PDF compliance report for auditors or regulators covering your vulnerability history, resolution timeline, and document status. Export your Software Bill of Materials in standard format, as required by CRA Article 13.\u003C\u002Fp>\n\u003Ch4>Webhook Integrations (Pro)\u003C\u002Fh4>\n\u003Cp>Connect ResilienceWP to your CI\u002FCD pipeline, Slack, or any external tool with webhook callbacks. Configure webhook endpoints in Settings and receive real-time HTTP POST notifications with HMAC-SHA256 signed payloads when:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>A scheduled or manual scan completes\u003C\u002Fli>\n\u003Cli>A new vulnerability is found in one of your monitored plugins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Each webhook delivery is logged with status codes and response data, so you can debug integration issues directly from your WordPress admin. Manage up to 5 webhook endpoints per account, toggle them on and off, and filter by event type.\u003C\u002Fp>\n\u003Ch4>Who needs to comply\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Commercial plugin developers: selling to EU customers through any channel (your site, Envato, direct) makes you the manufacturer under the CRA\u003C\u002Fli>\n\u003Cli>WordPress agencies: distributing custom-built plugins to EU clients, even for a single client, counts as placing a product on the market\u003C\u002Fli>\n\u003Cli>Freemium developers: having a free version does not exempt you; any commercial activity tied to the product brings you in scope\u003C\u002Fli>\n\u003Cli>Theme developers: themes with shortcodes, API integrations, or custom post types may qualify as “products with digital elements”\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Key dates\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>10 December 2024: CRA entered into force. Transition period began.\u003C\u002Fli>\n\u003Cli>11 September 2026: Vulnerability and incident reporting obligations apply.\u003C\u002Fli>\n\u003Cli>11 December 2027: Full CRA application. All requirements in effect.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Source Code\u003C\u002Fh4>\n\u003Cp>The admin dashboard is built with React and compiled using Vite. The uncompiled source is included in the plugin ZIP under admin\u002Fsrc\u002F. To rebuild from source:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Install Node.js 20+ and pnpm 10+\u003C\u002Fli>\n\u003Cli>Run \u003Ccode>pnpm install\u003C\u002Fcode> in the plugin directory\u003C\u002Fli>\n\u003Cli>Run \u003Ccode>pnpm build\u003C\u002Fcode> to recompile the admin dashboard\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>External Services\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>ResilienceWP API\u003C\u002Fstrong> (https:\u002F\u002Fapi.resiliencewp.com)\u003Cbr \u002F>\nUsed for API key verification, vulnerability scanning, incident management, and report generation. Data sent: API key, WordPress site URL, plugin slugs and versions.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.resiliencewp.com\u002Fterms\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.resiliencewp.com\u002Fprivacy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WPScan\u003C\u002Fstrong> (via ResilienceWP API)\u003Cbr \u002F>\nPlugin vulnerability data is sourced from the WPScan database. Plugin slugs are sent through the ResilienceWP API. No personal data is sent from your WordPress installation directly to WPScan.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwpscan.com\u002Fterms\" rel=\"nofollow ugc\">WPScan Terms\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwpscan.com\u002Fprivacy\" rel=\"nofollow ugc\">WPScan Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Paddle\u003C\u002Fstrong> (payments)\u003Cbr \u002F>\nSubscription payments are processed by Paddle as merchant of record. Payment data is handled entirely by Paddle and never passes through our servers.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.paddle.com\u002Flegal\u002Fterms\" rel=\"nofollow ugc\">Paddle Terms\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.paddle.com\u002Flegal\u002Fprivacy\" rel=\"nofollow ugc\">Paddle Privacy\u003C\u002Fa>\u003C\u002Fp>\n","CRA compliance for WordPress developers. Checklist, document generator, vulnerability scanner, and incident reporting for the 2026 EU deadline.",0,567,"2026-03-11T17:21:00.000Z","6.9.4","6.0","7.4",[18,19,20,21,22],"audit","compliance","gdpr","security","vulnerability-scanner","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fresilience-compliance-manager.1.2.12.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},1,30,94,"2026-04-03T20:00:49.071Z",[35,58,74,92,104],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":54,"download_link":55,"security_score":56,"vuln_count":30,"unpatched_count":11,"last_vuln_date":57,"fetched_at":27},"gdpr-framework","The GDPR Framework By Data443","2.2.0","Data443 Risk Mitigation, Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Fdata443\u002F","\u003Cp>This plugin is a service of \u003Ca href=\"https:\u002F\u002Fwww.data443.com\" rel=\"nofollow ugc\">Data443.com\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Data443 is a Data Security and Compliance company traded on the OTCMarkets as \u003Ca href=\"https:\u002F\u002Fwww.otcmarkets.com\u002Fstock\u002FATDS\u002Foverview\" rel=\"nofollow ugc\">ATDS\u003C\u002Fa>.  We have been providing leading GDPR compliance products such as \u003Ca href=\"https:\u002F\u002Fdata443.com\u002Fglobal-privacy-manager\u002F\" rel=\"nofollow ugc\">Global Privacy Manager\u003C\u002Fa>, Blockchain privacy, and enterprise cloud eDiscovery tools.\u003C\u002Fp>\n\u003Cp>The GDPR regulation is a large and complex law.  Each member country is to ratify it into its own legislation and language.  This makes it cumbersome to manage – but rest assured – we have a full \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F2078998660\" rel=\"nofollow ugc\">Site Owners Guide\u003C\u002Fa>  to help you learn and understand some of your requirements.\u003C\u002Fp>\n\u003Cp>This product gives a simple and elegant interface to handle Data Subject Access Requests (DSARs).\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>☑ Give users an optional time frame to give their consent\u003Cbr \u002F>\n☑ Do Not Sell my private information capability released\u003Cbr \u002F>\n☑ \u003Ca href=\"https:\u002F\u002Forders.data443.com\u002Fcart.php?gid=8\" rel=\"nofollow ugc\">Privacy Safe Seal™\u003C\u002Fa> now available – Strengthen your reputation by giving a visual representation of your Privacy Solution in operation!;\u003Cbr \u002F>\n☑ Enable DSAR on one page – allow even those without an account to automatically view, export and delete their personal data;\u003Cbr \u002F>\n☑ Configure the plugin to delete or anonymize personal data automatically or send a notification and allow admins to do it manually;\u003Cbr \u002F>\n☑ Track, manage and withdraw consent;\u003Cbr \u002F>\n☑ Generate a GDPR-compatible Privacy Policy template for your site;\u003Cbr \u002F>\n☑ Use a helpful installation wizard to get you started quickly;\u003Cbr \u002F>\n☑ Report on related data items within your WordPress installation;\u003Cbr \u002F>\n☑ Significantly reduce your staff time efforts dealing with DSARs;\u003Cbr \u002F>\n☑ Enable your larger organization to summarize and consolidate DSAR work;\u003Cbr \u002F>\n☑ Report to management on DSAR status, volume and data requirements;\u003Cbr \u002F>\n☑ We provide this fully documented;\u003Cbr \u002F>\n☑ We are developer-friendly. Everything can be extended, every feature and template can be overridden.\u003Cbr \u002F>\n☑ Cookie solution\u003Cbr \u002F>\n☑ Integration with WooCommerce Version 3.4.0 or later.\u003Cbr \u002F>\n☑ Integration with Easy Digital Download Version 2.6 or later.\u003Cbr \u002F>\n☑ Integration with Email Subscribers & Newsletters.\u003C\u002Fp>\n\u003Ch3>Disclaimer\u003C\u002Fh3>\n\u003Cp>Using The GDPR Framework does NOT guarantee compliance to GDPR. This plugin gives you general information and tools, but is NOT meant to serve as complete compliance package. Compliance to GDPR is risk-based ongoing process that involves your whole business. Data443 is not eligible for any claim or action based on any information or functionality provided by this plugin.\u003C\u002Fp>\n\u003Ch3>Notice: Special Details for those using Caching Plugins:\u003C\u002Fh3>\n\u003Cp>As the pages generated by our plugin are highly dynamic, we recommend you exclude all pages generated from caching in order for them to function properly.  Here is an example of how to exclude our pages in \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F718864404\" rel=\"nofollow ugc\">W3 Total Cache\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F709427345\" rel=\"nofollow ugc\">WP Fastest Cache\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>Full documentation: \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F2078998660\" rel=\"nofollow ugc\">The WordPress Site Owner’s Guide to GDPR\u003C\u002Fa>\u003Cbr \u002F>\nFor developers: \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F2082439194\" rel=\"nofollow ugc\">Developer Docs\u003C\u002Fa>\u003Cbr \u002F>\nFor users: \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F192708653\" rel=\"nofollow ugc\">Knowledge Base\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Plugin support:\u003C\u002Fh3>\n\u003Cp>The GDPR Framework currently works with the following plugins\u003Cbr \u002F>\n☑ Contact Form 7 & Contact Form Flamingo\u003Cbr \u002F>\n☑ Gravity Forms – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgdpr-for-gravity-forms\u002F\" rel=\"ugc\">Download the GDPR add-on\u003C\u002Fa>\u003Cbr \u002F>\n☑ Formidable Forms – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgdpr-for-formidable-forms\u002F\" rel=\"ugc\">Download the GDPR add-on\u003C\u002Fa>\u003Cbr \u002F>\n☑ Ninja Forms – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgdpr-for-ninja-forms\u002F\" rel=\"ugc\">Download the GDPR add-on\u003C\u002Fa>\u003Cbr \u002F>\n☑ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\u002F\" rel=\"ugc\">WooCommerce\u003C\u002Fa>\u003Cbr \u002F>\n☑ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-digital-downloads\u002F\" rel=\"ugc\">Easy Digital Download\u003C\u002Fa>\u003Cbr \u002F>\n☑ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Femail-subscribers\u002F\" rel=\"ugc\">Email Subscribers & Newsletters\u003C\u002Fa>\u003Cbr \u002F>\n☑ \u003Ca href=\"https:\u002F\u002Fwpml.org\u002F\" rel=\"nofollow ugc\">WPML\u003C\u002Fa>\u003C\u002Fp>\n","Easy to use tools to help make your website GDPR-compliant. Fully documented, extendable and developer-friendly.  Extensions to enterprise GDPR compli &hellip;",10000,692164,96,65,"2025-05-07T16:13:00.000Z","6.8.5","4.7","5.6",[19,20,52,21,53],"privacy","wordpress-gdpr","https:\u002F\u002Fwww.data443.com\u002Fgdpr-framework\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgdpr-framework.2.2.0.zip",99,"2025-03-03 00:00:00",{"slug":59,"name":60,"version":61,"author":39,"author_profile":40,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":25,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":49,"requires_php":50,"tags":69,"homepage":71,"download_link":72,"security_score":73,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"gdpr-for-gravity-forms","Gravity Forms: GDPR Framework Add-On","2.0.0","\u003Cp>The easiest way to make your Gravity Forms GDPR compliant!\u003C\u002Fp>\n\u003Cp>This plugin is a service of \u003Ca href=\"https:\u002F\u002Fdata443.com\" rel=\"nofollow ugc\">Data443\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Data443 is a Data Security and Compliance company traded on the OTCMarkets as \u003Ca href=\"https:\u002F\u002Fwww.otcmarkets.com\u002Fstock\u002FATDS\u002Foverview\" rel=\"nofollow ugc\">ATDS\u003C\u002Fa>. We have been providing leading GDPR compliance products such as Global Privacy Manager (\u003Ca href=\"https:\u002F\u002Fwww.data443.com\u002Fglobal-privacy-manager\u002F\" rel=\"nofollow ugc\">Data443™ Global Privacy Manager\u003C\u002Fa>), Blockchain privacy, and enterprise cloud eDiscovery tools.\u003C\u002Fp>\n\u003Cp>This plugin adds new privacy features to Gravity Forms. Your visitors can download or delete their form submissions automatically or submit a request for the site admin to do so.\u003C\u002Fp>\n\u003Cp>Until WordPress releases their own GDPR compliance update, this plugin requires \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgdpr-framework\u002F\" rel=\"ugc\">The GDPR Framework\u003C\u002Fa> to function (it’s free!)\u003C\u002Fp>\n\u003Cp>Make sure to also read the guide! You don’t need to drown your customers in pointless acceptance checkboxes if you know what you’re doing!\u003C\u002Fp>\n\u003Ch3>Disclaimer\u003C\u002Fh3>\n\u003Cp>Using Gravity Forms: GDPR Add-On does NOT guarantee compliance to GDPR. This plugin gives you general information and tools, but is NOT meant to serve as complete compliance package. Compliance to GDPR is risk-based ongoing process that involves your whole business. Data443 is not eligible for any claim or action based on any information or functionality provided by this plugin.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>How to use this plugin (practical guide): \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F28246137\" rel=\"nofollow ugc\">Making your Gravity Forms GDPR-compliant\u003C\u002Fa>\u003Cbr \u002F>\nHow to use this plugin (the legal stuff explained): \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F2079293576\" rel=\"nofollow ugc\">Legal grounds for processing data\u003C\u002Fa>\u003Cbr \u002F>\nFull documentation: \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F2078998660\" rel=\"nofollow ugc\">The WordPress Site Owner’s Guide to GDPR\u003C\u002Fa>\u003Cbr \u002F>\nFor developers: \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F2082439194\" rel=\"nofollow ugc\">Developer Docs\u003C\u002Fa>\u003Cbr \u002F>\nKnowledge Base: \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F192708653\" rel=\"nofollow ugc\">Knowledge Base\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>☑ Allow both users and visitors without an account to view, export and delete their form submissions or request the site admin to do so;\u003Cbr \u002F>\n☑ Configure forms to be excluded from viewing, exporting or deleting.\u003Cbr \u002F>\n☑ Support for anonymization: allow admin to select which fields must be anonymized;\u003Cbr \u002F>\n☑ Track, manage and withdraw consent.\u003C\u002Fp>\n","The easiest way to make your Gravity Forms GDPR-compliant. Fully documented, extendable and developer-friendly.",400,18304,2,"2022-07-28T14:55:00.000Z","6.0.11",[19,20,70,52,21],"gravity-forms","https:\u002F\u002Fwww.data443.com\u002Fgdpr-framework-wordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgdpr-for-gravity-forms.zip",85,{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":25,"downloaded":82,"rating":25,"num_ratings":83,"last_updated":84,"tested_up_to":14,"requires_at_least":85,"requires_php":16,"tags":86,"homepage":90,"download_link":91,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"activity-log-pro","Activity Log Pro – Event Logger, Activity Monitor & Audit Log","1.0.4","Activity Log Pro","https:\u002F\u002Fprofiles.wordpress.org\u002Factivitylogpro\u002F","\u003Cblockquote>\n\u003Cp>\u003Cem>“This is a super slick plugin guys. Very simple to use, very clean interface. Super excited about it.”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fx.com\u002FPineDigitalCo\u002Fstatus\u002F1965138634732196243\" rel=\"nofollow ugc\">Ryan @ InfluenceWP.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cem>“Perfect! Robust and exemplary neat plugin! All the info that you need is in a clear overview.”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fperfect-10814\u002F\" rel=\"ugc\">@mixha\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>Activity Log Pro\u003C\u002Fstrong> gives you a complete \u003Cstrong>audit trail\u003C\u002Fstrong> of everything happening on your WordPress site. See \u003Cstrong>who\u003C\u002Fstrong> logged in, \u003Cstrong>what\u003C\u002Fstrong> content changed, exactly \u003Cstrong>when\u003C\u002Fstrong> it happened, which plugins were updated and any suspicious activity – all in one place.\u003C\u002Fp>\n\u003Cp>Perfect for businesses, e-commerce stores, agencies, and multi-user sites that need visibility into who did what, when, and where. Whether you’re \u003Cstrong>troubleshooting\u003C\u002Fstrong> issues, staying \u003Cstrong>compliant\u003C\u002Fstrong>, or monitoring for \u003Cstrong>security\u003C\u002Fstrong> threats, Activity Log Pro makes it easy to keep your site \u003Cstrong>secure\u003C\u002Fstrong> and transparent.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FlXFKMhagrrY?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Why Use an Activity Log in WordPress?\u003C\u002Fh3>\n\u003Cp>Understand every action on your site, reduce \u003Cstrong>security\u003C\u002Fstrong> risks, and simplify \u003Cstrong>compliance\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Security & Compliance\u003C\u002Fstrong>: Stay compliant with GDPR, HIPAA, and other regulations while detecting failed logins, role changes, and suspicious behavior.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Troubleshooting & Debugging\u003C\u002Fstrong>: See exactly what changed before something broke – track plugin updates, theme edits, and content changes.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>User Accountability & Audit Trails\u003C\u002Fstrong>: Know exactly who did what, when, and from which IP address for complete transparency and legal \u003Cstrong>compliance\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Performance & Site Health\u003C\u002Fstrong>: Monitor plugin installations, theme changes and modifications that impact your site’s speed and stability.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Enhanced Backup Strategy\u003C\u002Fstrong>: Create detailed change logs that complement your backups – know exactly what to restore and when changes occurred.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WordPress Security Monitoring\u003C\u002Fstrong>: Track failed logins, suspicious activities, user role changes, and potential \u003Cstrong>security\u003C\u002Fstrong> threats in real-time.\u003C\u002Fp>\n\u003Ch3>Key Features Our Users Love\u003C\u002Fh3>\n\u003Ch3>🚀 Complete Core Activity Tracking\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>User login\u002Flogout activities with IP tracking\u003C\u002Fli>\n\u003Cli>Failed login attempt monitoring for security\u003C\u002Fli>\n\u003Cli>Post, page, and custom post type changes (create, update, delete)\u003C\u002Fli>\n\u003Cli>Media library activities (upload, edit, delete)\u003C\u002Fli>\n\u003Cli>Plugin installations, activations, deactivations, and updates\u003C\u002Fli>\n\u003Cli>Theme switches, installations, and customizer changes\u003C\u002Fli>\n\u003Cli>WordPress core updates\u003C\u002Fli>\n\u003Cli>Widget modifications and placement changes\u003C\u002Fli>\n\u003Cli>Menu creation, updates, and deletions\u003C\u002Fli>\n\u003Cli>User registration, profile updates, and role changes\u003C\u002Fli>\n\u003Cli>Comment activities (approved, spam, trash, delete)\u003C\u002Fli>\n\u003Cli>Settings and options changes\u003C\u002Fli>\n\u003Cli>Category and tag management\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔌 Advanced Plugin Integrations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>WooCommerce Integration\u003C\u002Fstrong>: Complete e-commerce activity monitoring – track order modifications, product changes, inventory updates, customer data edits, payment gateway settings, and coupon usage for full store \u003Cstrong>audit trails\u003C\u002Fstrong> (Premium)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Yoast SEO Integration\u003C\u002Fstrong>: Monitor all SEO changes including meta descriptions, title tags, search engines follow links, Advanced Meta Robots, Breadcrumbs Title updates, focus keyword changes, and readability optimizations to maintain SEO integrity (Premium)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Free Professional Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Real-time activity monitoring dashboard\u003C\u002Fli>\n\u003Cli>Advanced filtering and search capabilities\u003C\u002Fli>\n\u003Cli>Detailed activity metadata and context\u003C\u002Fli>\n\u003Cli>IP address tracking for \u003Cstrong>security\u003C\u002Fstrong> analysis\u003C\u002Fli>\n\u003Cli>User role-based activity permissions\u003C\u002Fli>\n\u003Cli>Customizable data retention policies\u003C\u002Fli>\n\u003Cli>Export capabilities (CSV, JSON, HTML and TXT formats)\u003C\u002Fli>\n\u003Cli>Clean, responsive admin interface\u003C\u002Fli>\n\u003Cli>Database optimization for performance\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>💎 Premium Features\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Upgrade to Activity Log Pro Premium\u003C\u002Fstrong> for advanced \u003Cstrong>security\u003C\u002Fstrong> and privacy controls:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Advanced IP Privacy Controls\u003C\u002Fstrong> – GDPR-compliant IP anonymization and masking options\u003C\u002Fli>\n\u003Cli>\u003Cstrong>IP Location Mapping\u003C\u002Fstrong> – Geographical insights for visitor analysis and \u003Cstrong>security\u003C\u002Fstrong> monitoring\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Enhanced Security Features\u003C\u002Fstrong> – Real-time logs and suspicious activity logs (via Live Monitor)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>JSON Feed Export\u003C\u002Fstrong> – SIEM integration with \u003Cstrong>secure\u003C\u002Fstrong> token-based access\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce Logger\u003C\u002Fstrong> – Comprehensive e-commerce tracking (orders, products, customers)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Yoast SEO Logger\u003C\u002Fstrong> – Complete SEO \u003Cstrong>audit trails\u003C\u002Fstrong> for meta data and schema changes\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Priority Support\u003C\u002Fstrong> – Direct access to expert support with faster response times\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Factivitylog.pro\u002Ffeatures\u002F#compare\" rel=\"nofollow ugc\">👉 Compare Free vs Premium Features \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan>\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fdemo.tastewp.com\u002FActivityLogPro\" rel=\"nofollow ugc\">👉 Try out the Demo \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Enterprise-Grade Performance & Database Architecture\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>⚡ Optimized Data Storage\u003C\u002Fstrong>\u003Cbr \u002F>\nActivity Log Pro utilizes a dedicated custom database table specifically engineered for high-performance activity logging. This intelligent architecture ensures your WordPress site maintains peak performance even with extensive logging enabled. Our custom table design eliminates the overhead associated with WordPress’s standard post and meta tables, delivering lightning-fast query responses and minimal server resource consumption.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✔️ Performance Features\u003C\u002Fstrong>\u003Cbr \u002F>\nOptimized Logging – Our logging system captures activities with minimal performance impact through efficient database operations and intelligent caching. While logging occurs in real-time to ensure data integrity, the system is designed with optimized queries and caching strategies to minimize any potential impact on site performance.\u003C\u002Fp>\n\u003Ch3>Complete Uninstall & Database Hygiene\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>🧹 Professional Clean Removal\u003C\u002Fstrong>\u003Cbr \u002F>\nThe plugin includes a comprehensive uninstall option that completely removes all plugin data when you choose to uninstall. Our automated cleanup routine meticulously removes the custom activity log table, plugin options, scheduled tasks, and any associated metadata, leaving your WordPress database in its original pristine state.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🗂️ Database Integrity Protection\u003C\u002Fstrong>\u003Cbr \u002F>\nWe prioritize your database’s long-term health. The uninstall process includes verification steps to ensure complete data removal without affecting any other WordPress functionality. This commitment to database cleanliness means you can confidently test or temporarily use Activity Log Pro without worrying about leftover data cluttering your system.\u003C\u002Fp>\n\u003Ch3>🛡️ Security & Privacy\u003C\u002Fh3>\n\u003Cp>Activity Log Pro takes your privacy and \u003Cstrong>security\u003C\u002Fstrong> seriously:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>IP Address Anonymization by Default\u003C\u002Fstrong> – All IP addresses are automatically anonymized (e.g., 192.168.1.xxx) for privacy protection\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Standard Security\u003C\u002Fstrong> – Database security practices (prepared statements, input sanitization)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configurable Data Retention\u003C\u002Fstrong> – Meet your privacy requirements with customizable retention periods\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Administrator-Only Access\u003C\u002Fstrong> – All plugin features require administrator privileges for security\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Third-Party Services\u003C\u002Fh3>\n\u003Cp>This plugin uses the following third-party services:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>IP Geolocation Service (ipinfo.io)\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Purpose\u003C\u002Fstrong>: Provides geographical location data for IP addresses to enhance security monitoring\u003Cbr \u002F>\n– \u003Cstrong>Data Sent\u003C\u002Fstrong>: IP addresses are sent to ipinfo.io for location lookup when administrators manually request IP location information\u003Cbr \u002F>\n– \u003Cstrong>When Used\u003C\u002Fstrong>: Only when administrators manually request IP location information via the admin interface\u003Cbr \u002F>\n– \u003Cstrong>Privacy Policy\u003C\u002Fstrong>: https:\u002F\u002Fipinfo.io\u002Fprivacy-policy\u003Cbr \u002F>\n– \u003Cstrong>Terms of Service\u003C\u002Fstrong>: https:\u002F\u002Fipinfo.io\u002Fterms-of-service\u003Cbr \u002F>\n– \u003Cstrong>Data Storage\u003C\u002Fstrong>: Location data is cached locally for 24 hours to minimize API calls\u003Cbr \u002F>\n– \u003Cstrong>User Control\u003C\u002Fstrong>: This feature is optional and only available to administrators who explicitly request IP location data\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Payment Processing Service (LemonSqueezy)\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Purpose\u003C\u002Fstrong>: Handles secure payment processing, license validation, and subscription management for premium features\u003Cbr \u002F>\n– \u003Cstrong>Data Sent\u003C\u002Fstrong>: When users choose to purchase premium plans, payment information (credit card details, billing address), email address, and license details are processed by LemonSqueezy\u003Cbr \u002F>\n– \u003Cstrong>When Used\u003C\u002Fstrong>: Only when users voluntarily initiate premium plan purchases, license activation, or subscription management\u003Cbr \u002F>\n– \u003Cstrong>Privacy Policy\u003C\u002Fstrong>: https:\u002F\u002Fwww.lemonsqueezy.com\u002Fprivacy\u003Cbr \u002F>\n– \u003Cstrong>Terms of Service\u003C\u002Fstrong>: https:\u002F\u002Fwww.lemonsqueezy.com\u002Fterms\u003Cbr \u002F>\n– \u003Cstrong>Data Storage\u003C\u002Fstrong>: Payment and license data is managed entirely by LemonSqueezy – no payment information is stored on your WordPress site\u003Cbr \u002F>\n– \u003Cstrong>User Control\u003C\u002Fstrong>: Users have complete control over whether to purchase premium features and can manage their subscriptions through LemonSqueezy’s customer portal\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Newsletter Subscription Service (LemonSqueezy)\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Purpose\u003C\u002Fstrong>: Allows users to voluntarily subscribe to product updates and educational content newsletters\u003Cbr \u002F>\n– \u003Cstrong>Data Sent\u003C\u002Fstrong>: Name and email address only when users explicitly choose to subscribe to the newsletter\u003Cbr \u002F>\n– \u003Cstrong>When Used\u003C\u002Fstrong>: Only when users voluntarily fill out and submit the newsletter subscription form in the plugin settings\u003Cbr \u002F>\n– \u003Cstrong>Privacy Policy\u003C\u002Fstrong>: https:\u002F\u002Fwww.lemonsqueezy.com\u002Fprivacy\u003Cbr \u002F>\n– \u003Cstrong>Terms of Service\u003C\u002Fstrong>: https:\u002F\u002Fwww.lemonsqueezy.com\u002Fterms\u003Cbr \u002F>\n– \u003Cstrong>Data Storage\u003C\u002Fstrong>: Newsletter subscription data is managed by LemonSqueezy – no subscription information is stored on your WordPress site\u003Cbr \u002F>\n– \u003Cstrong>User Control\u003C\u002Fstrong>: Users have complete control over newsletter subscription and can unsubscribe at any time via email links or LemonSqueezy’s customer portal\u003C\u002Fp>\n\u003Ch3>📊 Perfect For\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Business Websites & Corporate Sites\u003C\u002Fstrong>: Maintain GDPR \u003Cstrong>compliance\u003C\u002Fstrong>, PCI DSS standards, and \u003Cstrong>audit trail\u003C\u002Fstrong> requirements for regulatory inspections and security protocols.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce & E-commerce Stores\u003C\u002Fstrong>: Track order modifications, product changes, inventory adjustments, customer data access, and payment processing for fraud prevention and \u003Cstrong>compliance\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multi-user WordPress Sites\u003C\u002Fstrong>: Monitor team member activities, role changes, content approvals, and administrative access for complete user accountability.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Development & Staging Sites\u003C\u002Fstrong>: Track plugin installations, removal, theme modifications.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Digital Agencies & Web Development Companies\u003C\u002Fstrong>: Provide detailed client reporting, transparent site maintenance logs, and professional audit documentation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Membership Sites & Private Communities\u003C\u002Fstrong>: Track member activities, subscription changes, content access, and community moderation actions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Educational Institutions & Learning Management\u003C\u002Fstrong>: Monitor student submissions, instructor activities, course content changes, and user enrollment modifications.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>News & Publishing Websites\u003C\u002Fstrong>: Monitor editorial workflows, content publication schedules, author activities, and SEO optimization changes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔧 Easy Setup & Configuration\u003C\u002Fh3>\n\u003Cp>Get started in minutes:\u003Cbr \u002F>\n1. Install and activate the plugin – it works out of the box with default settings\u003Cbr \u002F>\n2. Configure which activities to track (optional)\u003Cbr \u002F>\n3. Set your data retention preferences (optional)\u003Cbr \u002F>\n4. Start monitoring immediately\u003Cbr \u002F>\n(There are various other Settings for you to explore)\u003C\u002Fp>\n\u003Cp>No complex setup required – Activity Log Pro works right away with sensible defaults while offering extensive customization options for advanced users.\u003C\u002Fp>\n\u003Ch3>💡 Use Cases\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Troubleshooting\u003C\u002Fstrong>: “What changed right before the site broke?”\u003Cbr \u002F>\n\u003Cstrong>Security Monitoring\u003C\u002Fstrong>: “Who attempted to login with admin credentials?”\u003Cbr \u002F>\n\u003Cstrong>Content Management\u003C\u002Fstrong>: “When was this post last modified and by whom?”\u003Cbr \u002F>\n\u003Cstrong>Compliance\u003C\u002Fstrong>: “Show me all user activities for the past 6 months”\u003Cbr \u002F>\n\u003Cstrong>Performance\u003C\u002Fstrong>: “What plugins were recently activated that might be slowing the site?”\u003C\u002Fp>\n\u003Ch3>System Requirements\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress 6.3 or higher\u003C\u002Fli>\n\u003Cli>PHP 7.4 or higher\u003C\u002Fli>\n\u003Cli>MySQL 5.6 or higher (or MariaDB 10.0+)\u003C\u002Fli>\n\u003Cli>Minimum 64MB PHP memory limit (128MB recommended)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Database Information\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Creates custom table\u003C\u002Fstrong>: \u003Ccode>{prefix}actlogpro_activity_log_pro_all_logs\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Estimated storage\u003C\u002Fstrong>: ~1KB per logged event\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic cleanup\u003C\u002Fstrong>: Based on retention settings (7-365 days)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Uses WordPress database prefix\u003C\u002Fstrong>: Follows WordPress naming conventions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Known Limitations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Multisite networks\u003C\u002Fstrong>: Each site maintains separate logs (no network-wide centralized logging)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Administrator-only access\u003C\u002Fstrong>: Requires \u003Ccode>manage_options\u003C\u002Fcode> capability – only Administrators and Super Admins can access plugin features\u003C\u002Fli>\n\u003Cli>\u003Cstrong>High-traffic sites\u003C\u002Fstrong>: Consider adjusting retention periods for optimal performance\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Memory-intensive operations\u003C\u002Fstrong>: May require increased PHP memory limits for large exports or extensive logging\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Feed export limits\u003C\u002Fstrong>: RSS\u002FJSON feeds are limited to 50-100 entries per request\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time logging\u003C\u002Fstrong>: Continuous logging may impact performance on extremely high-traffic sites\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Database dependency\u003C\u002Fstrong>: Uses MySQL\u002FMariaDB-specific features and functions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>Activity Log Pro logs user activities on your WordPress site. This may include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>User login\u002Flogout times and IP addresses (anonymized by default)\u003C\u002Fli>\n\u003Cli>Content creation, modification, and deletion activities\u003C\u002Fli>\n\u003Cli>Plugin and theme changes\u003C\u002Fli>\n\u003Cli>Administrative actions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Data Storage\u003C\u002Fstrong>: All activity logs are stored locally on your WordPress site. No log data is transmitted to external servers.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>IP Address Privacy\u003C\u002Fstrong>: IP addresses are automatically anonymized by default (e.g., 192.168.1.xxx) for privacy protection. Full IP addresses are only stored if explicitly enabled by administrators in the premium version.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Third-Party Services\u003C\u002Fstrong>: The plugin uses ipinfo.io for optional IP geolocation lookups when administrators manually request location information, and LemonSqueezy for payment processing when users choose to purchase premium features and for newsletter subscriptions when users voluntarily sign up. The ipinfo.io service is only used when explicitly requested and data is cached locally. LemonSqueezy is only used when users voluntarily initiate premium purchases, subscription management, or newsletter signups.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Data Retention\u003C\u002Fstrong>: You can configure data retention periods to meet your privacy requirements. You can configure a secure JSON feed, with access via a secure authentication token, available in Premium \u003Ca href=\"https:\u002F\u002Factivitylog.pro\u002Fpricing\u002F\" rel=\"nofollow ugc\">\u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> activitylog.pro\u002Fpricing\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support, documentation, and feature requests, please visit:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Plugin Website \u003Ca href=\"https:\u002F\u002Factivitylog.pro\u002F\" rel=\"nofollow ugc\"> \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> activitylog.pro\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Get Support \u003Ca href=\"https:\u002F\u002Factivitylog.pro\u002Fsupport\u002F\" rel=\"nofollow ugc\"> \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> activitylog.pro\u002Fsupport\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Plugin Docs \u003Ca href=\"https:\u002F\u002Factivitylog.pro\u002Fdocs\u002F\" rel=\"nofollow ugc\"> \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> activitylog.pro\u002Fdocs\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Following on Twitter\u002FX \u003Ca href=\"https:\u002F\u002Fx.com\u002FActivityLog\" rel=\"nofollow ugc\"> \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> x.com\u002FActivityLog\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Professional WordPress Activity Log. Track logins, user actions, content changes, and system events to see who did what, when, and where.",1561,13,"2026-03-05T12:26:00.000Z","6.3",[87,88,19,21,89],"activity-log","audit-trail","user-activity","https:\u002F\u002Factivitylog.pro\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Factivity-log-pro.1.0.4.zip",{"slug":93,"name":94,"version":61,"author":39,"author_profile":40,"description":95,"short_description":96,"active_installs":97,"downloaded":98,"rating":11,"num_ratings":11,"last_updated":99,"tested_up_to":100,"requires_at_least":49,"requires_php":50,"tags":101,"homepage":71,"download_link":103,"security_score":73,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"gdpr-for-formidable-forms","GDPR Framework Add-on for Formidable Forms","\u003Cp>This plugin is a service of \u003Ca href=\"https:\u002F\u002Fdata443.com\" rel=\"nofollow ugc\">Data443\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Data443 is a Data Security and Compliance company traded on the OTCMarkets as \u003Ca href=\"https:\u002F\u002Fwww.otcmarkets.com\u002Fstock\u002FATDS\u002Foverview\" rel=\"nofollow ugc\">ATDS\u003C\u002Fa>. We have been providing leading GDPR compliance products such as Global Privacy Manager (\u003Ca href=\"https:\u002F\u002Fwww.data443.com\u002Fglobal-privacy-manager\u002F\" rel=\"nofollow ugc\">Data443™ Global Privacy Manager\u003C\u002Fa>), Blockchain privacy, and enterprise cloud eDiscovery tools.\u003C\u002Fp>\n\u003Cp>The easiest way to make your Formidable Forms GDPR compliant!\u003C\u002Fp>\n\u003Cp>This plugin adds new privacy features to Formidable Forms. Your visitors can download or delete their form submissions automatically or submit a request for the site admin to do so.\u003C\u002Fp>\n\u003Cp>Until WordPress releases their own GDPR compliance update, this plugin requires \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgdpr-framework\u002F\" rel=\"ugc\">The GDPR Framework\u003C\u002Fa> to function (it’s free!)\u003C\u002Fp>\n\u003Cp>Make sure to also read the guide! You don’t need to drown your customers in pointless acceptance checkboxes if you know what you’re doing!\u003C\u002Fp>\n\u003Ch3>Disclaimer\u003C\u002Fh3>\n\u003Cp>Using Formidable Forms: GDPR Add-On does NOT guarantee compliance to GDPR. This plugin gives you general information and tools, but is NOT meant to serve as complete compliance package. Compliance to GDPR is risk-based ongoing process that involves your whole business. Data443 is not eligible for any claim or action based on any information or functionality provided by this plugin.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>How to use this plugin (practical guide): \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F28278942\" rel=\"nofollow ugc\">Making your Formidable Forms GDPR-compliant\u003C\u002Fa>\u003Cbr \u002F>\nHow to use this plugin (the legal stuff explained): \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F2079293576\" rel=\"nofollow ugc\">Legal grounds for processing data\u003C\u002Fa>\u003Cbr \u002F>\nFull documentation: \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F2078998660\" rel=\"nofollow ugc\">The WordPress Site Owner’s Guide to GDPR\u003C\u002Fa>\u003Cbr \u002F>\nFor developers: \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F2082439194\" rel=\"nofollow ugc\">Developer Docs\u003C\u002Fa>\u003Cbr \u002F>\nKnowledge Base: \u003Ca href=\"https:\u002F\u002Fdata443.atlassian.net\u002Fservicedesk\u002Fcustomer\u002Fportal\u002F2\u002Farticle\u002F192708653\" rel=\"nofollow ugc\">Knowledge Base\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>☑ Allow both users and visitors without an account to view, export and delete their form submissions or request the site admin to do so;\u003Cbr \u002F>\n☑ Configure forms to be excluded from viewing, exporting or deleting.\u003Cbr \u002F>\n☑ Support for anonymization: allow admin to select which fields must be anonymized;\u003Cbr \u002F>\n☑ Track, manage and withdraw consent.\u003C\u002Fp>\n","Tools to help with making Formidable Forms GDPR-compliant. Fully documented, extendable and developer-friendly.",40,5111,"2023-03-30T20:23:00.000Z","6.2.9",[19,102,20,52,21],"formidable-forms","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgdpr-for-formidable-forms.zip",{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":112,"downloaded":113,"rating":114,"num_ratings":115,"last_updated":116,"tested_up_to":117,"requires_at_least":15,"requires_php":118,"tags":119,"homepage":123,"download_link":124,"security_score":73,"vuln_count":125,"unpatched_count":11,"last_vuln_date":126,"fetched_at":27},"aryo-activity-log","Activity Log – Monitor & Record User Changes","2.11.2","Elementor","https:\u002F\u002Fprofiles.wordpress.org\u002Felemntor\u002F","\u003Cp>\u003Cstrong>AN EASY TO USE & FULLY SUPPORTED WORDPRESS ACTIVITY LOG PLUGIN\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Want to monitor and track your WordPress website activity? Find out exactly who does what on your WordPress website with this plugin. Activity Log is like an airplane’s black box that logs every action in the WordPress admin, and lets you see exactly what users are doing on your WordPress website.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>If someone is trying to hack your site\u003C\u002Fli>\n\u003Cli>When a post was published, and who published it\u003C\u002Fli>\n\u003Cli>If a plugin\u002Ftheme was activated\u002Fdeactivated\u003C\u002Fli>\n\u003Cli>Suspicious admin activity\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It’s so essential; you’ll wonder how you ever managed your website without it. The plugin is also lightning fast and works behind the scenes, so it doesn\\’t affect site and admin performance. For optimal performance, we built the plugin so that it runs on a separate table in the database.\u003C\u002Fp>\n\u003Cp>If you have more than a handful of users, keeping track of who did what is virtually impossible. This plugin solves that issue by tracking what actions were initiated by which users, and displaying it in an easy-to-use and easy-to-filter view on the dashboard of your WordPress site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>New! Introducing Email Logging\u003C\u002Fstrong> – Capture all emails sent from your WordPress site for streamlined debugging and compliance. Gain better visibility into email communication, aiding both troubleshooting and record-keeping. This is particularly beneficial for WooCommerce stores, allowing you to easily track sent emails alongside other critical site events.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Export to CSV\u003C\u002Fstrong> – Export your Activity Log data records to CSV. Developers can easily add support for custom data formats with our new dedicated Export API.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Data Privacy and GDPR Compliance\u003C\u002Fstrong> – We provide the tools to help you adhere to GDPR compliance standards, including Export\u002FErasure of data via the WordPress Privacy Tools.\u003C\u002Fp>\n\u003Ch3>With the Activity Log you can record:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress\u003C\u002Fstrong> – Core updates\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Posts\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pages\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Post Type\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Tags\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Categories\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Taxonomies\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Menus\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Media\u003C\u002Fstrong> – Created, updated, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comments\u003C\u002Fstrong> – Created, approved, unapproved, trashed, untrashed, spammed, unspammed, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Users\u003C\u002Fstrong> – Login, logout, login failed, update profile, registered, deleted\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Plugins\u003C\u002Fstrong> – Installed, updated, activated, deactivated, changed\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Themes\u003C\u002Fstrong> – Installed, updated, deleted, activated, changed (Editor and Customizer)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Widgets\u003C\u002Fstrong> – Added to sidebar, deleted from sidebar, order widgets\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Setting\u003C\u002Fstrong> – General, writing, reading, discussion, media, permalinks\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Options\u003C\u002Fstrong> – Extended custom settings for 3rd party plugins\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Export\u003C\u002Fstrong> – Exported activity log file\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce\u003C\u002Fstrong> – Track products, orders, customers, and more\u003C\u002Fli>\n\u003Cli>\u003Cstrong>bbPress\u003C\u002Fstrong> – Forums, topics, replies, taxonomies, and other actions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Emails sent from WordPress site\u003C\u002Fstrong> – Sending successful, sending failed\u003C\u002Fli>\n\u003Cli>There’s more, of course, but you get the point…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For each event recorded by the activity log, the following details are also logged:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Date and time of occurrence\u003C\u002Fli>\n\u003Cli>User and user role responsible for the change\u003C\u002Fli>\n\u003Cli>Source IP address from which the change originated\u003C\u002Fli>\n\u003Cli>Affected object where the change occurred\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin doesn\\’t require any kind of setup; it works right out of the box (just another reason people love it)!\u003C\u002Fp>\n\u003Ch3>Data Storage and Performance Optimization\u003C\u002Fh3>\n\u003Cp>In order to ensure optimal performance of your website, all events and logs data are stored in a dedicated custom table within your WordPress database. This approach significantly reduces the impact on your website’s performance, ensuring seamless operation even during peak traffic periods.\u003C\u002Fp>\n\u003Ch3>Uninstall Clean-up\u003C\u002Fh3>\n\u003Cp>We understand the importance of maintaining a clean and efficient database environment. That’s why our plugin features an uninstall hook that seamlessly removes all traces of its presence from your website when uninstalling. This meticulous clean-up process ensures that your database remains lean and clutter-free even after our plugin has been removed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>With our optimized data storage, thorough logging, and meticulous clean-up process, you can trust that our plugin will enhance the functionality and security of your WordPress site without compromising its performance.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>What users have to say\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cem>“Its tools, particularly for data privacy and GDPR compliance, make it indispensable for websites operating within European Union boundaries or dealing with EU citizens’ data”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fblog.hubspot.com\u002Fwebsite\u002F8-best-plugins-tracking-user-activity-wordpress\" rel=\"nofollow ugc\">HubSpot.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“If you’re after a competent WP security audit log plugin with all the basic features you need, Activity Log is it!”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwpastra.com\u002Fplugins\u002Fwordpress-activity-log-plugins\u002F\" rel=\"nofollow ugc\">WPAstra.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Activity Log features a remarkably straightforward dashboard interface, providing administrators with an at-a-glance understanding of site interactions”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwww.malcare.com\u002Fblog\u002Fwordpress-activity-log\u002F\" rel=\"nofollow ugc\">Malcare.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Best 10 Free WordPress Plugins of the Month: Keeping tabs on what your users do with their access to the Dashboard”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fmanagewp.com\u002Fbest-free-wordpress-plugins-july-2014\" rel=\"nofollow ugc\">ManageWP.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Thanks to this step, we’ve discovered that our site was undergoing a brute force attack”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fartdriver.com\u002Fblog\u002Fwordpress-site-hacked-solution-time\" rel=\"nofollow ugc\">Artdriver.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Optimized code – The plugin itself is blazing fast and leaves almost no footprint on the server”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwww.freshtechtips.com\u002F2014\u002F01\u002Fbest-audit-trail-plugins-for-wordpress.html\" rel=\"nofollow ugc\">FreshTechTips.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cem>“Activity Log lets you track a huge range of activities. Overall, very easy to use and setup”\u003C\u002Fem> – \u003Ca href=\"https:\u002F\u002Fwww.elegantthemes.com\u002Fblog\u002Ftips-tricks\u002F5-best-ways-to-monitor-wordpress-activity-via-the-dashboard\" rel=\"nofollow ugc\">ElegantThemes.com\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contributions:\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Would you like to contribute to this plugin?\u003C\u002Fstrong> You’re more than welcome to submit your pull requests on the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpojome\u002Factivity-log\" rel=\"nofollow ugc\">GitHub repo\u003C\u002Fa>. And, if you have any notes about the code, please open a ticket on the issue tracker.\u003C\u002Fp>\n","This top rated Activity Log plugin helps you monitor & log all changes and actions on your WordPress site, so you can remain secure and organized.",200000,3995902,86,74,"2024-11-12T14:55:00.000Z","6.7.5","7.0",[87,120,121,21,122],"audit-log","email-log","user-log","https:\u002F\u002Factivitylog.io\u002F?utm_source=wp-plugins&utm_campaign=plugin-uri&utm_medium=wp-dash","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faryo-activity-log.2.11.2.zip",9,"2024-11-20 17:10:23",{"attackSurface":128,"codeSignals":157,"taintFlows":169,"riskAssessment":170,"analyzedAt":179},{"hooks":129,"ajaxHandlers":153,"restRoutes":154,"shortcodes":155,"cronEvents":156,"entryPointCount":11,"unprotectedCount":11},[130,135,139,144,148],{"type":131,"name":132,"callback":133,"file":134,"line":83},"action","admin_menu","add_admin_menu","includes\\class-cra-admin.php",{"type":131,"name":136,"callback":137,"file":134,"line":138},"admin_enqueue_scripts","enqueue_assets",14,{"type":131,"name":140,"callback":141,"file":142,"line":143},"rest_api_init","register_routes","includes\\class-cra-rest-api.php",16,{"type":131,"name":145,"callback":146,"file":147,"line":83},"admin_init","register_settings","includes\\class-cra-settings.php",{"type":131,"name":149,"callback":150,"file":151,"line":152},"plugins_loaded","resicoma_init","resilience-compliance-manager.php",46,[],[],[],[],{"dangerousFunctions":158,"sqlUsage":159,"outputEscaping":166,"fileOperations":11,"externalRequests":30,"nonceChecks":11,"capabilityChecks":30,"bundledLibraries":168},[],{"prepared":66,"raw":66,"locations":160},[161,164],{"file":142,"line":162,"context":163},166,"$wpdb->get_results() with variable interpolation",{"file":142,"line":165,"context":163},251,{"escaped":66,"rawEcho":11,"locations":167},[],[],[],{"summary":171,"deductions":172},"The resilience-compliance-manager plugin version 1.2.12 exhibits a strong security posture based on the provided static analysis.  The absence of any detected dangerous functions, file operations, or critical taint flows is commendable. Furthermore, the plugin demonstrates good practices by ensuring all detected outputs are properly escaped and utilizing prepared statements for half of its SQL queries. The minimal external HTTP requests and a single capability check also suggest a controlled and thought-out implementation.  The plugin's vulnerability history is completely clean, with zero recorded CVEs of any severity. This lack of historical vulnerabilities, coupled with the current static analysis findings, indicates a well-maintained and likely secure plugin.\n\nWhile the overall security is positive, a key area for potential improvement lies in the lack of any identified nonce checks for the observed capability check and the complete absence of nonce checks generally. Although the attack surface is currently zero, if any new entry points are introduced in the future without proper nonce validation, it could create a significant security risk.  The 50% prepared statement usage for SQL queries, while not ideal, is acceptable given the small number of queries.  Overall, this plugin appears to be robust, but a future focus on implementing nonce checks for any administrative or user-facing functionalities would further enhance its security.",[173,176],{"reason":174,"points":175},"SQL queries not using prepared statements",5,{"reason":177,"points":178},"No nonce checks identified",10,"2026-03-17T06:46:54.839Z",{"wat":181,"direct":190},{"assetPaths":182,"generatorPatterns":185,"scriptPaths":186,"versionParams":187},[183,184],"\u002Fwp-content\u002Fplugins\u002Fresilience-compliance-manager\u002Fadmin\u002Fbuild\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fresilience-compliance-manager\u002Fadmin\u002Fbuild\u002Fjs\u002Fcra-compliance-admin.js",[],[184],[188,189],"resilience-compliance-manager\u002Fadmin\u002Fbuild\u002Fcss\u002Fstyle.css?ver=","resilience-compliance-manager\u002Fadmin\u002Fbuild\u002Fjs\u002Fcra-compliance-admin.js?ver=",{"cssClasses":191,"htmlComments":193,"htmlAttributes":194,"restEndpoints":196,"jsGlobals":198,"shortcodeOutput":200},[192],"resicoma-root",[],[195],"id=\"resicoma-root\"",[197],"\u002Fresicoma\u002Fv1\u002F",[199],"resicomaData",[]]